Vulnerability Scanning Improved; Intrusion Detection System on the Way

In February 2005, two key components were integrated into the campus vulnerability scanning system: VLAN scanning and a honeypot. Both the daily VLAN scanning component and the honeypot were transitioned from the vulnerability detection system (originally developed in Fall 2003) to the newer, more robust and updateable system. The honeypot and daily VLAN vulnerability/infection scans gather information about malicious traffic on the campus computing network and logs the information in the searchable Computer & Network Security Report database (secalert.ucdavis.edu). Reports and email messages are generated from the database to the appropriate VLAN administrator. An intrusion detection system (IDS) is expected to be integrated into the vulnerability scanning system in early June. For more information, see security.ucdavis.edu/vuln_resources.cfm.